PT-2025-49478 · Linux+2 · Linux Kernel+2

Published 2023-04-15 · Updated 2026-05-26 · CVE-2023-53748

CVSS v2.0: 4.6 (Medium)

Vector: AV:L/AC:L/Au:S/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions

Linux kernel (affected versions not specified)

Description

The Linux kernel contains a flaw in the media subsystem, specifically within the MediaTek vcodec decoder queue setup function. A user-supplied variable, `nplanes`, obtained through a system call argument, is used as an array index bound without being validated. The `num_planes` variable can have a value between 1 and 3, while `nplanes` can range from 1 to 8, potentially leading to an out-of-bounds array access.
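
The mismatch described above, as an added example that is not the kernel's own code: a simplified user-space model of a queue setup routine, first with the caller-supplied count used directly as a loop bound, then with the count validated against the format's plane count. The struct, function names and constants are hypothetical; only the 1 to 3 and 1 to 8 ranges come from the description.

```c
#include <errno.h>

#define MAX_CALLER_PLANES 8  /* page: nplanes can range from 1 to 8 */
#define MAX_FMT_PLANES    3  /* page: num_planes can be 1 to 3 */

/* Hypothetical stand-in for the decoder's per-queue format state. */
struct queue_fmt {
    unsigned int num_planes;                 /* 1..MAX_FMT_PLANES */
    unsigned int sizeimage[MAX_FMT_PLANES];  /* minimum bytes per plane */
};

/* Unchecked pattern: the loop bound comes from the caller, so any
 * nplanes above MAX_FMT_PLANES indexes past the end of sizeimage[]. */
int queue_setup_unchecked(const struct queue_fmt *q, unsigned int nplanes,
                          const unsigned int *sizes)
{
    for (unsigned int i = 0; i < nplanes; i++)
        if (sizes[i] < q->sizeimage[i])
            return -EINVAL;
    return 0;
}

/* Checked pattern: validate the caller's count against the format's
 * plane count before it is ever used as a loop bound. */
int queue_setup_checked(const struct queue_fmt *q, unsigned int nplanes,
                        const unsigned int *sizes)
{
    if (q->num_planes == 0 || q->num_planes > MAX_FMT_PLANES)
        return -EINVAL;              /* inconsistent format state */
    if (nplanes != q->num_planes)
        return -EINVAL;              /* rejects 0 and every oversized count */
    for (unsigned int i = 0; i < nplanes; i++)
        if (sizes[i] < q->sizeimage[i])
            return -EINVAL;
    return 0;
}
```

Rejecting the count before the loop keeps every index into `sizeimage[]` below `num_planes`, whatever value the caller passes.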

Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Buffer Overflow

Out of bounds Read

Weakness Enumeration

Related Identifiers

BDU:2026-01461
CVE-2023-53748
SUSE-SU-2026:0316-1

Affected Products

Debian
Linux Kernel
Mediatek Vdec